Don't set default public key methods in FIPS mode so applications

can switch between modes.
author: Dr. Stephen Henson <steve@openssl.org> 2011-06-20 19:41:13 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2011-06-20 19:41:13 +0000
commit: 3a5b97b7f124cbd5346ab0d8fe6fc1705a81a675 (patch)
tree: 0f027ac3ffcd69a7242023f43d5b309be2b71983 /crypto/rsa
parent: 45bf825066b1929ec219b8b76321f5191e44f370 (diff)
1 files changed, 7 insertions, 9 deletions
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index e844395482..c95ceafc82 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -91,18 +91,16 @@ const RSA_METHOD *RSA_get_default_method(void)
 	{
 	if (default_RSA_meth == NULL)
 		{
-#ifdef RSA_NULL
-		default_RSA_meth=RSA_null_method();
-#else
-#if 0 /* was: #ifdef RSAref */
-		default_RSA_meth=RSA_PKCS1_RSAref();
-#else
 #ifdef OPENSSL_FIPS
 		if (FIPS_mode())
-			default_RSA_meth = FIPS_rsa_pkcs1_ssleay();
+			return FIPS_rsa_pkcs1_ssleay();
 		else
-#endif
-			default_RSA_meth=RSA_PKCS1_SSLeay();
+			return RSA_PKCS1_SSLeay();
+#else
+#ifdef RSA_NULL
+		default_RSA_meth=RSA_null_method();
+#else
+		default_RSA_meth=RSA_PKCS1_SSLeay();
 #endif
 #endif
 		}
author	Dr. Stephen Henson <steve@openssl.org>	2011-06-20 19:41:13 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2011-06-20 19:41:13 +0000
commit	3a5b97b7f124cbd5346ab0d8fe6fc1705a81a675 (patch)
tree	0f027ac3ffcd69a7242023f43d5b309be2b71983 /crypto/rsa
parent	45bf825066b1929ec219b8b76321f5191e44f370 (diff)